Vulnerability Details CVE-2006-1658
Direct static code injection vulnerability in ticker.db.php in Chucky A. Ivey N.T. 1.1.0 allows remote administrators to insert arbitrary PHP code into the config file, which is included other N.T. scripts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://evuln.com/vulns/121/summary.html
- http://secunia.com/advisories/19526
- http://www.osvdb.org/24398
- http://www.securityfocus.com/archive/1/431344/100/0/threaded
- http://www.securityfocus.com/bid/17387
- http://www.vupen.com/english/advisories/2006/1243
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25639
- http://evuln.com/vulns/121/summary.html
- http://secunia.com/advisories/19526
- http://www.osvdb.org/24398
- http://www.securityfocus.com/archive/1/431344/100/0/threaded
- http://www.securityfocus.com/bid/17387
- http://www.vupen.com/english/advisories/2006/1243
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25639
Products affected by CVE-2006-1658
-
cpe:2.3:a:chucky_a._ivey:n.t.:1.1.0